BlackBerry has released research revealing that 76% of UK IT leaders believe that foreign states are already using ChatGPT for malicious purposes against other nations, with almost half (48%) predicting that we are less than a year away from a successful cyberattack being credited to the technology.
The survey of 500 UK IT decision makers – commissioned by BlackBerry and conducted by OnePoll in January 2023 –exposed a perception that, although 60% of respondents see ChatGPT as generally being put to use for ‘good’ purposes, 72% are still concerned by its potential to be used for malicious purposes when it comes to cybersecurity.
Though there are differing views amongst UK IT leaders on how that threat might manifest, ChatGPT’s ability to help hackers craft more believable and legitimate sounding phishing emails is the top UK concern (57%), followed by the increase in sophistication of threat attacks (51%) and the ability to accelerate new social engineering attacks (49%). Additionally, almost half of UK-based IT directors are concerned by ChatGPT’s potential to be used for spreading misinformation (49%), as well as its capabilities to enable less experienced hackers to improve their technical knowledge (47%).
Shishir Singh, Chief Technology Officer, Cybersecurity at BlackBerry explains: “ChatGPT will likely increase its influence in the cyber industry over time. We’ve all seen a lot of hype and scaremongering, but the pulse of the industry remains fairly pragmatic – and for good reason. There are a lot of benefits to be gained from this kind of advanced technology and we’re only beginning to scratch the surface, but we also can’t ignore the ramifications. As the maturity of the platform and the hackers’ experience of putting it to use progresses, it will get more and more difficult to defend without also using AI in defence to level the playing field.”
Indeed, BlackBerry’s research results also revealed that the majority (78%) of UK IT decision-makers plan to invest in AI-driven cybersecurity in the next two years and more than two in five (44%) plan to invest before the end of 2023. This reflects the growing concern that signature-based protection solutions are no longer effective in providing cyber protection against increasingly sophisticated threats.
Whilst more than half (52%) of UK IT directors are positive that ChatGPT will enhance cybersecurity for businesses, the survey also revealed that 88% of UK IT directors believe governments have a responsibility to regulate advanced technologies. However, at present, there is an optimistic consensus among UK IT leaders that technology and research professionals will gain more than cyber criminals from the capabilities of ChatGPT.
Shishir Singh concludes: “It’s been well documented that people with malicious intent are testing the waters but, over the course of this year, we expect to see hackers get a much better handle on how to use ChatGPT successfully for nefarious purposes; whether as a tool to write better mutable malware or as an enabler to bolster their ‘skillset.’ Both cyber pros and hackers will continue to look into how they can utilise it best. Time will tell who’s more effective.”
